We have released a number of upgrades to the Traceback direct link protection mechanism for Redirect users.
For ixkio customers using the Redirect mode with authentication NFC tags, the Traceback system is designed to prevent 'authenticated' pages on customer websites being accessed if the user hasn't been redirected from ixkio.
This is important as the typical flow on a redirect is that a user will scan an NFC tag to ixkio. Ixkio will undertake the authentication and redirect the user immediately to the landing page on the brand website to inform the user of 'authentication pass' or 'fail'. As this page is openly on the internet, it would be possible to copy the 'authentication pass' page from the brand website and encode it directly onto a counterfeit tag - therefore bypassing the ixkio auth system.
The Traceback system has been widely used and we are now adding some additional features :
It's now possible to set up more than one Traceback code in ixkio and each can be managed separately. For larger platform configurations where users might have multiple brands or possibly internal facing and customer facing responses, this can enable more complex options.
Inline Script Modifications
The Traceback system works very quickly and many users decide to hold 'authentication pass' page display until Traceback has been completed, this can sometimes result in a screen flicker. We've added the option of a display pause which, while not necessary, can improve the user experience by informing that a check is 'in progress' (or a blank screen) and prevent the flicker. The length of display pause can be set and changed via the console.